UNIT111

-
3 Virtualization Infrastructure
and Docker

Syllabus
Contents
DesktopVirlua(ization
Desktop Virtualization-Network Virtualization-StorageVirtualization-System-
levelofOperatingVirtualization-ApplicationVirtualization-Virtualclustersand
NetworkVirtualization
ResourceManagement-Containersvs.Virtual Machines - Introduction to Docker - Docker
StorageVirtualization
Components - Docker Container - DockerImages and Repositories.
System-LevelofOperatingVirtualization
ApplicationVirtualization
VirtualClustersandResourceManagement
3.7 IntroductiontoDocker
TwoMarksQuestionswithAnswers

(3-1)
 V/rtua/izationInfrastructureandDock
:Clou:'! dComp'!!_utf!!_mg :!_3_:-:_2

m DesktopVirtualizatlon
• ktF . . .n1sa.t
virtuahzah 1mo1og thatallowsthecreationandstorage
. dt tof
y • lehost res idingina aacenerorth
m.ultif1 usrdektpinstan onasing ' . e
1ud.Itisa hivdb u ingahypervisor,whichresidesontopofth.ehostserver
• 1d kt pstoutilizethecomputingpowerof
h ,rdwar t manag andallowv 1 rtua es o
th underlying erer hardware.
• Fi. .1.1hwsdesktopvirtualization.

I...,I
...>

0-,;•.
Client Virtualdesktop Server

Fig.3.1.1Desktopvirtualization

• The three mostpopular types ofdesktop virtualization are VirtualDesktop

Infrastructure(VDI),RemoteDesktop Services (RDS) and Desktop-as-a-Service
(DaaS).

fillTypesofDesktopVirtualization
1. Virtualdesktopinfrastructure
• Apopulartype ofdesktopvirtualizationisVirtualDesktopInfrastructure(VDD.
VDIusesaVMtodeliverpersistentornon-persistentvirtualdesktopstomany types
ofconnecteddevices.
• Withapersistentvirtualdesktop,eachuserhasaunique,dedicateddesktop
imagetheycancustomizewithappsanddata,knowingthedesktopwillbe saved for
futureuse.
• Anon-persistentVDIallowsuserstoaccessavirtualdesktopfromanidentical pool
whentheyneed it.Once the user logsoutof a non-persistent VDI, the VDI revertsto its
unalteredstate.
• CharacteristicsofVDI:
IJVirtualdesktopslivewithinvirtualmachinesonacentralizedserver.
ii) Eachvfrtualdesktopincludesanoperatingsystemimage,typicallyMir ft
Windows.
iii) Thevirtualmachinesar host-based,meaningmultipleintan be fthm aJl
housedonth sarn srver within the datacnter.
 ®
TECHNICALPUBLICATIONS -anup-thrustforknowledge
 CloudComputing
3-3
Virtua/izationInfrastructureandDocker
iv) Endclients,suchasPCs bl
, ta etsorthinclientterminals,mustbeconstantly
connectedtothecentr11
. . a Ymanagedserversotheycanmaintainaccesstothe
v1rtuahzeddesktopsthey'rehosting.
v) Theconne ctionbrok e • ftw
. r i saso arelayerthatactsasanintermediarybetween
. . .
usersandvutualresources,wh 1. ch savi rtualdesktopwi thi ntheresource

find
poolforeachclientuponsuccessfulaccessoftheVOienvironment.
• HerearesomereasonswhyVDI1• sb
enef1.c1. a : 1
a) SavemoneyonlicensingandindividualWorkstations/PCsbyusingthin clients.

b) Fullysecuredvirtualenvironmentthatisfullymonitoredandmanaged.
c) Centralizedmanagementandbackups.
d) Secureremoteaccessfromanywhereintheworld.
e) Costreductionformultiplesoftwarelicenses.
• Disadvantages:
a) Ifanindividualrequires differentapplications fromthe other users, they will
requireacompletelydifferentimage,withoutchangingtheapplicationsforotherusers.
b) Asubstantialinitialoutlayisrequiredforthemainserverhardware,storage
andnetworkinfrastructure.This mightnotbe feasiblefor somesmaller businesses.
c) Administrators, savvytothelimitations,problemsolvingandinstallationof
VOiswilleitherhavetobebroughtinorexistingITstaffgiventherelevant
training.
d) Ifa problemoccurs,thiswillgenerallyaffectallusers,ratherthanbeingable
toisolateproblemsifoperating systemsrun offindividualPCs.

2. RemoteDesktopServices
• Remote DesktopServices(RDS) or Remote DesktopSession Host (ROSH)are
beneficialwhereonlylimitedapplicationsrequirevirtualization. Theyallowusers
toremotelyaccess Windows applications anddesktopsusing theMicrosoft
Windowsserveroperating syStem.
• RDSisamore cost-effectivesolution,sinceone Windowsserver cansupport
multipleusers.
3. Desktop-as-a-Service(DaaS)
• Desktop-as-a- (DaaS)isaflexibledesktopvirtualizationsolutionthatues
rserv1.ce
. 1 machinesbackedbyathird-partyprovider.UsingDaaS,
cloud-based vi rtua

®
TECHNICALPUBLICATIONS -anup-thrustforknowledge
 _ Vfrtualization Infrastructure and
34 ·n g--------- ::
Dock2'.C°!:.lo u d C::o n 1p u t1 :------------------

oranizatin canoutourcedesktopvirtualizationsolutionsthathelpa userto

acce mputr applications anddesktopsfrom anyendpointplatform or device.

flflBenefitsofDesktopVirtualization
1. urcutilization: SinceITresourcesfordesktopvirtualizationareconcentrated
inadatacenter,resources ·arepooledfor efficiency.
emoteworkforceenablement:Sinceeachvirtualdesktopresidesincentral
erers,newuserdesktopscanbeprovisionedinminutesandbecomeinstantly aailable for
newusersto access.
3. VDIofferssecurityimprovementscomparedwithrunningeverythinglocally.

m NetworkVirtualization

• etworkvirtualization refers to the technologythatenablespartitioningor

aggregatingacollectionofnetworkresourcesandpresentingthemtovarioususers inawaythat
each user experiences an isolated and uniqueview ofthephysical network.
• etworkvirtualizationcreatesvirtualnetworkswherebyeachapplicationsees its
ownlogicalnetworkindependentofthephysicalnetwork.
• A virtual LAN (VLAN) is an
exampleofnetworkvirtualization
'
that provides an easy,flexible, Workload Workload Workload
and less expensive way to
manage networks.
• VLANs make large networks L2,L3,L4-7Networkservices
moremanageablebyenablinga
r -----,,-----...
centralized configuration of Virtual Virtual Virtual
network1 network2 network3
devices located m physically \.

diverselocations. ( Network virtualization platform

• Fig.3.2.1showsnetwork
virtuahzation.
)Requirement: IP transport
• Consider a companyin which the
usersofa
departmentareseparatedoverametro
politanareawith theirresources
D
centrally located at one office.
• In atypical
network,eachlocationhasitsownnet Physicalnetwork

work Fig.3.2.1Networkvirtuallzation

TECHNICALPUBL/CATIONs®-anup-thrustforknowledge
CloudComputmg V,rtut1/11t1t1on/nfrw:tr11ctw

ll,nth'lll'dIlltlwPtl.,•r..,tl11·l 't1 1•l,t'l 'ltll't·.· ·.WI\l'I\t\l'l\l\<H"1-p,ll" -•l'lsll()S',flllll'I"",

I ( I ,..
1

l,,kth\mfltH'th's1wl\,•p1k1wrflltm,inn·.
• \\tlh\l\ ",l!Sl't's\\'1ths1nul,1r,1'Cl'sst'l'qutrL'llH'nt.L\111lwgrmqwdlogl'llwrmto tlw
:-,,,nw\'trlu,,1nl'lwurk'IhisH•lupl·linun,1ll'SllwtWl'dfornl'lwnrkrnulmg
• \:--•1t\·sult,,lltlllH1gh u.t'rs,in·physir,1lly lor,1\l'd,itdisp,ll'<lll'I<c,1tions,tht•
,,ppl'<llt hl',\ltlws,,nwltit\1lil)t1,h'l\':,singrci->ourn·slor,,11.
• In,\tdllil)l\ltl m11w,·,ngnl'l\\nrkpl'rflmll,llll'l',VU\Ns,,lsoprnvidl'l'nh,rncd
sL'untvbyt:--l)l,1tmgSt'nsiltVl'd,1t,1fromtlwotlwrnet nrks,rndb n•slncting
,lCCLssll)th' l'l'Sllt1rnsltw,,tl'dvvithinllw,wt\t>rks.
• •lwtrk vntu.1lt.1,1liondl't'nupll·s the rnksnf thl't1-.1dition,1l Int•rnl'lSer L'

Provii•r(lSl1s)mtL Inf,-.,strul'lur,Prnidl'l'S(lnl>:-i),rndSeri'CProidem(SPs)

• B'ndits:

Fasilv:--qmcntn•twrks.
Prm1lsr,1p1i·h,rnge/s·al.1bilil,andagil':kplotnlnl.
4. Scurit\frcmdstruction)fph1sicnld' i''S.

IIJStorageVirtualization
• ler.1gev1rtualiz.1linisam.ajorom.pornnlflrstragSL'rrs,m.theflrmf
funct1nalR10lcvlsandonlroll·rs.p't"<tings,st '11'\Sandapflicalil nswith dl'vi,anac'.sthedisksdir
'·tibthms·lvesforvriling.
• torngevirtual11alionincloudcomputingpl lsmullipl phs,i lstoragearray::;
fr Slorag
111 r'aNetworks(J\Ns)andmakL·sthem.•1ppar<IS<1sm, [L, irtu,11
storag dc\'i .Virluali;,,lionslorag separatestheslor,1g'rnanalt.11'\L'nls)tt\,,1rc
from the unddying hnrdvvar infraslruclurL'lo mor fll'ibili,t .Uh.i
provi,d
salabl,pool- (storageresources.
• Fig.3.3.1show,storag irlualiz.1lion.

• toragcvirtuali.L.ationref'l'Sl th'abtr,tinofslor,gLs1stmsfron.1,lfplic,ltilns
rc mputc.r Jli,fundationforth imp!mntatin fltlwrtl'·hnh•tl'Ssu·h
,, thinproii ninganddal,prle-tin,whihMl.'lransf,1rl'ntt tlwSLrv1.:r.
• torag virtualization fr vid, th abilil l pol storagL,sstuns mt ,\
conslidatd,hard cpaityth,lanb m,nt1gdfrm,1'L'tltralpL)int)f "· ntr

• Eampl f lrag virtualiztin..ar hsl-b,sed V(lum lU

re,tin,tap trag
irtualizatin nddikaddr, ing.
• torag irtualizatinhasth f11wing h,ratri8ti·s:
1 Th avaibbility of lg1 al vlumes SCf .1t-..1l' fnHn
constraints.
TECHNICALPUBLICATIONS® fint1p-thrt1stfor1<.nowlodgo
 3-6 VirtualizationInfrastructureend
----------------------------------- ke,
CloudCom'!!puting----------- "'

Various secondary storage devices

VirtualLzation layer

Fig.3.3.1Storagevirtualization

2. Thecapabilityofabstractingmultivendorstoragedevicesintoonegroupand
reallocatingstoragespaceindependentlyofsize orphysicallocation.
3. Thecapabilityofhavingautomatedstorageoptimizationandmanagement.
• Top level servers assigned one virtual volume, which iscurrently inuse by an
application. These virtual volumesare mappedto the actual storage in the arrays.
When an I/0is sentto a virtual volume,it isredirectedthroughthevirtualization at the
storage network layerto the mappedphysical array.
• Primarytypesofstoragevirtualizationsareblocklevelvirtualizationandfile
virtualization.
• Currentlythere arethreemethodsofstoragevirtualization:
1. Server-basedvirtualization:Thismethodplacesamanagementprogramonthe
hostsystemandhasthebenefitof leveragingtheSANassetasitis.
2 Fabric-based virtualization:Thiscan bedone via network witche r
appliance servers. In bothinstances, independentappliances,suchaswitche.
routersanddedicatedserversareplacedbetweenserversand tra ndhave
a storagevirtualizationfunction.Thepurposebehindthi i t redu- the
1mpactonth!':'existingSANandsrver.
3•Storag<array-bas"dvirtualiz.atin:Thi1 avirtualiztinimplmntdatthe
turagc-&ybt<--mlf'vcl.

rCHNICALPUBL/CArJONS® anup-thrutforknowledge
-- cto

udComputing
3
-7
Virtua/izationInfrastructureandDocker

1111StorageVirtualizationChallenges
• Storagevirtualizationhas d
. evo 1ve atatimewhendataexplosionthreatenedto throw
enterprise storage
.. managementtotallyoutofgear.
• Traditionally,managingd'k
is storagewas once simple : Ifenterprisesneededmore
space,they got abiggerd•kd . .
. . is nve.However,asdatastorageneedsgrew,multiple
disk drives had to b dd
e a ed. Over time technologies such as
RAI
network-attachedstora d storage-area networks evolved to tackle these
storagechallenges. gean

But managingandmaint • • h . .
• . am m g tousandsofdi skdn vespresentedanevenmore
seriousch_alengeandstoragevirtualizationemergedtotacklethese.
1. Scalab ty: Ensurestoragedevicesperformappropriaterequirements.Each array
1smanagedindependently.
2. Functionality : Virtualized environment must provide same or better
functionality. It must be contir:ue to leverage existing functionalityon arrays.
3. Manageability :Virtualizationdevice breaks end-to-end view of storage
infrastructureandmustintegrateexistingmanagementtools.
4. Support: Interoperabilityinmulti-vendorenvironment.
• Agoodstoragevirtualizationsolutionshould:
1. Enhancethestorageresourcesitisvirtualizingthroughtheaggregationof servicesto
increasethereturn ofexistingassets.
2. Not addanotherlevelofcomplexityinconfigurationandmanagement.
3. Improveperformancerather than act as a bottleneckin order forittobe
scalable.Scalability isthe capability of a system tomaintain performance linearly
as new resourcesare added.
4. Provide securemulti-tenancy so that users and data can share virtual resources
withoutexposure to otherusers'bad behavior or mistakes.
s.Notbeproprietary,butvirtualizeothervendorstorageinthesamewayasit
ownstoragetomakethemanagementseamless.

1111TypesofStorageVirtualization
• Storage virtualization provides the ability to pool storage sy _terns int
consolidated, sharedcapacitythatcanbe managedfrom acentralpomt f ntr1.

Vi.rtua11. za t1· 0ncanbe1·mplementedinbothstorageareanetworkandntwr

attachedstorage.
• StoragevirtualizationareoftwOtypes••BlocklevelandFilelev1.

®
TECHNICALPUBLICATIONS -anup-throstforknowledge
 3-8 Virtualizationfnfrastruct
CloudComputing -----------.::.:.:.:.=Ureand
OocL

IfflBlockLevelVfrtualizatlon
&,

•
Bl .....
i le,·l ,·irtualizatini usdinstorageareanetwork.Theactof
d . appJ"
.t' t ncormoreblock-base storageservi cesforthep
nrtua11za1 n . . Urpo,slle)8
pr,·idi1 anwblckservicetoclients.Someexamplesofblockv1rtualizationof
. a
di a r at1 n.
• 1 f whichisusedfordatastorageisprogressionofbytesandbitsand
proposedlength.Datawhichisalignedintheseblocksiscalledasbml
18
ade
up a . .
Ockeqandinertingdataintotheblock 1scalledblocking.
• Blcklevelstoragevirtualizationprovidesstorage tooperatingsystemsan
applicationsintheformofvirtualdisks.Fig.3.3.2Showsblocklevelvirtualization

Server
Server
Server 3 Server5
Server1-- 4
)--------------------j

Varioustypesofsecondarystoragedevices

DB D
Fig.3.3.2Blocklevelvirtualization

• There are two types of blocklevel virtualization. Oneis disk level virtualization,
wherebyan abstraction process movesdata froma physical disk level toa LUN level
and is presentedas though it were a physical device.
• Anothermethodisstoragelevelvirtualization,which,unlikedisklevel
virtualization,hidesthephysicallayerofRAIDcontrollersanddisksandhides
andvirtualizestheentirestoragesystem.
• SCSI commands are transmitted in between the initiator andtarget. There is no
overheadfile system like an ext3.
• BlocklevelfilesystemutilizesPC,iSCSIandFCOEprotocol.
• Blocklevelfilestorageisprettyexpensivebutisverymuchreliable.Itishighly
customjzablestorageandisversatileandspeedy.
• Block-levelvirtualizationisusuallyjustcalledstoragevirtualizationand erve
applicationssuchasdatabasesoftwarethatneedblock-levelaccesstodata.The
diskswilltypically(butnotalways)resideinStrageArea etworkarrays
(SA&).

TECHNICALPUBLICA.,. ®
,IONS -anup-thrustforknowledge
 3-9
VlrlUf-1/llltt/on Infra/fl)t,fUflJand OoCl<IJf
f!JI FileLevelVlrtuallzatlon

Networkattachedstorag fil , .
• e v virturl1zaticm.
filelevIstoragevirtualization 1l8 1. 1
• 1·t1·onsi·nthf prov1dsstorag.volume&tc,c,pnatmg<,ystnnand
app1ca e ormoffil 6and •
d 1 rectoris.Ace•sRto<:,turaw·i<,through
t ]
network pro oco s,suchasC0
mmonInternetPileSystem and NetworYfi)
Systems.
• Storag/es;.rcesandcapacityismaybeunderutilizedbecausefile&areboundto aspeci
ic1eserver.Itisnecessarymovethefilefromoneservertoanother server.
k
, Fiie-levelstorageisthepred omm•
antstoragetechnologyusedonharddnves,
Netwo.rk-Attach.edStorage(NAS)systemsand s u.1arstoragesystems. pJ·g .:.,;..;;,.:,.,;
shows file level V!rtualization. m .
.

�----------------------------------------------,
I\ l
\ I
\ \
I I
Var1ousf9fretdf'
\\
\
secohda'rYstorage I
I
'
\ devi<fes I
I Fileserver \
\
� I

B
\ \
\ \
\ \
\
\

\\
I
LJ fPNetwc;tk
I
1

'
I
I
\ Device
\

Switch

Node1 Node2 Node3

Fig.3.3.3Filelevelvirtualization

• Moving large number of files in not possible because it requires the server 1tobe
down.Serverandsomeapplicationsneedtobereconfiguredwiththenewpath.
Itcreatestheproblemfornetworkadministratorsforimprovingthetorae efficiencywhile
maintainingthe requiredservicelevel.
• Thisfileofvirtualizationonlysimplifiesthefilemobility.Itpr vide location
transparencytouser. Filelevelstorageworkswithanet3file tern Datai
'Writtenandreadinto files, which have variable lengths.

TECHNICALPUBLICATJONS®-Rn11n-thruslforknowledae
 r.c,oudC:om7!.puting1:_. 3-10 Virtua/izationlnfrastruct
...::..::_=:_ureand0
: . . .
• Filelevelstoragewillnot supportof virtualmahinefilesystem.Itsu
whichisessentialforESXand ESX1hostservers. PPort
externaIbootUp,
• Thistypestoragecannothandleheavytrafficonthenetwork.Recoveryoffile.s
inthislevelofdatastoragesystem. Storageresourcesandca . IS
muchfaSter Pac ity .
18
underutilized becausefilesare bound toaspecificfileserve I t
maybe
necessarymovethefilefromoneservertoanotherserver. r. ts

lf&IDifferencebetweenBlockLevelandFileLevelVirtualization
:""''""'"'"'""'""'«._''-'<-t:'J'"''-c'},Z''"""'"''"''•:,:-• ,«,-,•-7M•>'«,,,._
''•..;'",<<••":.:".'••<•.,:•,w,-<•-,,••.-•"•<«,««M<M••" "'«<W•<••«'°~•'•·••-«••««<-•<M...-••,.,,_,._,«O,-•m.,,".,%...,._,

}BtQklevel ,:: .. Filelevel

"'"..:(',,..,,.,,<-;:;,,'.,;t"('"'\,,;:,_,:·-»:,,,":'"""'""'""';,..,,•.,\.,..,:\/·-:-,..·::..:.·,,..\._,• •• ··: ••••••• •- • • .,.,••""""•

BJock--tevelvirtualizationworksbeforethfile Theserverthatusesthestoragemusthave
syate 0n9llers_,,an1Jk5,_'_ softwareinstalledonitinorderto enable
m\,exists,,ij'lpJac,

E:;c:
\ over cs • , ;: - file-

;;,{ :;. ¼'. :·.• It.isbasedonN ..·. _. _· -·-- j

0
; Blockacid:ressei:tr_-elJ.sectfQ,Red/[email protected]'·°' Filesareaccessedby"semantics"instructions.,
. 1
ttothestoragemedia;'t:}'i':/ '·,,_._·•\\' ·'\ Datainsidefilesisaccessedbybyte-ranges
(- ·...w'"'0tir:S1:;/:::);::::,?';. ',:•• withinthefile•.,_,,. ...',,,,.,----·-·.-. -1

<
N<N.:--.;.,.,·-·--·-

,
t StorageisacsJibl;singfibr\haru1el?r Fileleveltorageisusuallyaccessibleusing :
' iSCSl,. ,. ·. ... . . ..,, common.filelevelprotocolssuchasOFSand
1
lw•••:..:.,,,,_,c., Jj>;, . .,·.,:;-,, ,•,;'., ,:·';:.,,,;,;•• u .> """ NFS._ M•·<N.«•·•••·••.wo,•.·w«.·..,..,..,.,,_..,. ,...,.w,.w.,..,.No•-,w..........,-.,,_,_,_ j
ffl:jBenefitsofStorageVirtualization
• Benefitsofstoragevirtualization:
1. Dataisstoredinmoreconvenientlocationsawayfromthespecifichost.

2. The storagedevicesareabletoperformadvancedfunctionslikede-duplication,
replication,thinprovisioninganddisasterrecoveryfunctionality.
3. ByabstractingthestoragelevetIToperationscanbecomemoreflexiblein how
storageispartitioned,providedandprotected.
4. Improvedphysicalresourceutilization.
S.Lowertotalcostofownership:Virtualizedstorageallowsmoretobedone with the same or
less storage.

m System-LevelofOperatingVirtualization
• Operating-syStem-levelvirtualizationisaserver-virtualizationmethodwhere
thekernelofanoperatin t . . · s
. gsy sema11owsformulti ple1 Solateduser-space instance '
mSteadofjuStone.Suchinstances,whicharesometimescalledcontainersand
softwarecontainers.
• Thisreferstoanabstractio 1 b . .
n ayer etweentraditionalOSanduserapph cati ons.
TECHNICALPUBLICATIONs®-an1Jn-ff,r11stforknnwlprf(]P
 :cio.ud-com-put-ing-_:..---3--1-1--=-Vi-rtua-liza-tionInfrastructureand:Doc:ke:r
• n utsy p e of. virtualizationereatesi•solatedcontainersonasinglephys1· calserver
andtheOSinstancestoutilizethehard-wareandsoftwareindatacenters.

• Containers behavelikerealservers.w·1thconta.inersyoucancreateaportable,
consistentoperatingenvironmentfordevelopment,testinganddeployment.

Thisvirtualizationcreatesvirtualhostingenvironmentsto•allocateshardware resourcesamongalargenumbero
Operating-system-levelvirtualizationusuallyimposeslittletonooverhead, becauseprogramsinvirtualpartition

callinterfaceanddonotneedtobesubjectedtoemulationorberuninan intermediatevirtual
machine.

• Operatingsystem-level virtualization isnot asflexibleasothervirtualization

approachessinceitcannothostaguestoperatingsystemdifferentfromthehost one, ora
differentguest kernel.
• Insteadoftryingto runan entire guestOS,containervirtualizationisolates the guests,but
doesn'ttry to virtualizethe hardware. Instead, you have containersfor
eachvirtualenvironment.
• Withcontainer-based technologies, you'llneed a patchedkerneland.user toolstorun the
virtualenvironments.The kernelprovides process isolation and performs resource
management.
Whyoperatingsystemlevelvirtualization isrequired?
• Operating system level virtualization provides feasible solution for hardware level
virtualizationissue.Itinsertsavirtualizationlayerinsideanoperatingsystem
topartitionamachine'sphysicalresources.
• ItenablesmultipleisolatedVMswithinasingleoperatingsystemkernel.This kindof VM is
oftencalled a virtual executionenvironment(VE), VirtualPrivate System(VPS) or
simply container.
,Fromtheuser'spointofview,virtualexecutionenvironmentlooklikerealservers.

• Thismeansavirtualexecutionenvironmenthasitsownsetofprocesses,file
system,useraccounts,networkinterfaceswithIPaddresses,routingtable , firewallrules etc.
• AlthouhVEscanbecustomizedfordifferentpeople,theysharetheame
operatgin'gsytsem kernel Therefore,OS-levelvirtualizationi alsocalled ingl_
·
imagevirtualization.

®
TECHNICALPUBLICATIONS -anun-thru.;;ffnrknowledge
 CloudComputing 3 -1 2
Doc
VirtualizationInfrastructureand
Ivlrtuallzatlon?
ChallengestocloudcomputingInOSeIve
. the computing landscape
by shiftingthe
• Cloud computing is transforming . 1
ing a computati ona center tothird
hardware and staffing costs of mana g
parties.
• Cloudcomputinghasatleasttwochallenges: . .
1. TI1e ability to use a variable number of physicalmachinesandVirtual

mach• ine•instances depend'mgon theneeds of aproblem.For example,a

taskmayneedonlyasingleCPUduringsomephasesofexecutionbut
mayneedhundredsofCPUsatothertimes.
2. Itisrelatedtoslowoperationofinstantiatingnewvirtualmachine.Currently, newvirtual
machinesoriginateeitherasfreshbootsorasreplicatesofa
templateVM,unawareofthecurrentapplicationstate.Therefore,to
bettersupportcloudcomputing,alargeamountofresearchanddevelopment
shouldbedone.

AdvantagesofOSvirtualization
1. OSvirtualizationprovideleastoverheadamongalltypesofvirtualizationsolution.
2. Theyofferhighestperformanceandhighestdensityofvirtualenvironment.
3. Lowresourcerequirements.
4. HighScalability.

DisadvantageofOSvirtualization
1. TheysupportonlyoneoperatingsystemasbaseandguestOSinasingleserver.
2. Itsupportslibrarylevelvirtualization.

IDApplicationVirtualization
• Virtualization at theapplication level virtualizesan applicationas a VM.On a traditional
OS,anapplication often runsas a process.Therefore, application-level virtualizationis
alsoknownas process-levelvirtualization.
• Afullyvirtualizedapplicationisnotinstalledinthetraditionalsense,althoughit is
stillexecutedas ifit were. The applicationbehaves at runtimelike it is directly
interfacingwiththeoriginaloperatingsystemandalltheresourcesmanagedby it, butcanbe
isolatedtovaryingdegrees.
• Full application virtualization requires avirtualizationlayer.
Applicationvirtualizationlayersreplacepartoftheruntimeenvironmentnormallyprovided
by the operating system.
-
3-13
Virtua/izationInfrastructureandDocker

CloudComputing

• The layer intercepts alld.k .

transparentlyredirectsth is operations of virtualized applications and
. . emtoavirtual1· zed 1ocah•on,oftenasm•glef·ile.
• Theapplicationremains .
physicalone.Sincethe unwa_retatitaccessesavirtualresourceinsteadofa
filesspreadthrouh apphcahonisnowworkingwithonefileinsteadofmany
goutthesystem 1•tb
different com t ' ecomeseasytoruntheapplicationona
'db 'd puera nd previously incompatible applications can be run
s1e-y-s1e.
• Themostpopularapp h .
. . . roac 1stodeployHighLevelLanguage(HLL)VMs.Here
thev1rtuahzationlayers·t . .
s1 as an applicationprogramontopoftheoperating
sys tem,andthelayer
. exportsanabstractionofaVMthatcanrun programs
writtenandcompiledt .
. . 0 aparti cularabstractmachinedefinition.Anyprogram
writtenintheHLLandcomp1'ledfor this VMw1·11 eabletorunon1•t.
• Benefits: b

1. Applicationvirtualiz'at1· 0nusesfewerresourcesthanaseparatev·irtualmachi• ne.

2. Applicationvirtualizationalsoenablessimplifiedoperatingsystemmigrations.
3. Applicationscanbetransferredtoremovablemediaorbetweencomputers withoutthe
needofinstalling them, becomingportable software.
• Limitations:
1. Notallcomputerprogramscanbevirtualized.
2. Lowerperformance.
VirtualClustersandResourceManagement
• As with traditionalphysical servers, Virtual Machines(VMs)canalsobe clustered.
AVMclusterstarts withtwo ormorephysicalservers.
• Mostvirtualization platforms,including XenServer and VMware ESX Server,support
abridging mode which allowsalldomainsto appearonthe network as
individualhosts.Byusingthismode,VMscancommunicatewithoneanother
freelythroughthevirtualnetworkinterfacecardandconfigurethenetwork
automatically.
• Virtualclustersenableadminstodeploy,trackandmanagecontainersacrss
varioussystemsto ensureperformance,securityandgovernanceandlowcot•.
• With many VMs, an inefficient configuration always causes problem. with
overloading orunderutilization.
• Amazon's EC2 provides elastic computing power in a cloud. EC- permit
customerstocreateVMs andtomanageuser accounts over thetime oftheiruse. Xen
ServerandVMware ESXi Server supporta bridging mode which allows all
domainstoappearonthenetworkasindividualhosts.WiththismodeVMscan
 ®
TECHNICALPUBLICATIONS -anup-thrustforknowledae
 VirtualizationInfrastructureand
0
.C..:..ou!:. o:m'p!u_ting------------------------------------------------------------------------------------------- --------_!
3_:_-14 :!._cke,r

communicatewithoneanotherfree1Y throughthevirtualnetworkinterface
c:a.r
and configurethenetworkautomatically.
Physicalversusvirtualclusters: morephysicalclut
. . VM • talledatoneor sers. 1e
• VirtualClustersarebuiltwith s ms db irtualnetworkacross
VMsinavirtualclusterareinterconnecte Yav severai
physicalnetworks.
Virtualclusterfeatures:
a) Virtualmachinescanberestartedon Otherhostsifthe hostwherethevirtual
machinerunningfails.
b) DistributedResourceScheduler:•V•irtua1 mach•mescanbeloadbalancedsothat
noneofthehostsistoooverloadedortoomuchemptyinthecluSter.
c) Livemigration:Ofvirtualmachinesfromonehosttoother.
• Fig.3.6.1showscloudplatformwithvirtualclster.
Physical Virtual machines
cluster1.

.........

Fig.3.6.1Cloudplatformexamplewiththreevirtualclustersovertwophysicalclusters

• TheprovisioningofVMstoavirtualclusterisdonedynamicallyandtheyhave
thefollowingproperties:
a) Virtualclusternodescanbeeitherphysicalorvirtualwithdifferentoperating systems.
b) VMrunswithaguestOSthatmanagestheresourcesinthephysicalmachine.
c) ThepurposeofusingVMsistoconsolidatemultiplefunctionalitiesonthe same server.
d) VMscan be replicated inmultipleservers to promote parallelism,fault
toleranceanddisasterdiscovery.
e) Theno.ofnodesinavirtualclustercangroworshrinkdynamically.
f) Thefailureof somephysicalnodeswillslowtheworkbutthefailureofyMs will cause
no harm.

TECHNICALPUBLICATIONs® anup th t k I d
- - rus ,or now e ge
 dcomputing 3-15
CJotl Virtua/izationInfrastructureandDocker
tertstlcsvirtualcluster:
ct1arac
Virttlalmachineorphysicalmachin .
1. . . eisusedas •tuI
running withdifferenttypesofOS vira clusternodes.MultipleVM
. hin . canbedeployedonthesamephysicalnode.
2. 1rtua1mac erunswithguest .
y
differentbutitmanagesthereso operatingsyste H OS andVMOSare
. m. ost
. urcesmthephysicalmachine.
3 _ Virtualmachinecanbereplicated•
. f 1 m .
mutipleservers
1 d ·t rtd ' ' b td
aralle11 sm, au ttoleranceanddi' t an 1 suppo 1 s t n u e
P saserrecovery.
4. umberofnodesofavirtualclustermaych d
. . . angeaccoringly.
s.IfVirtualmachine failes,itcannotaffetcthehostm a c h m. e
, Virtualclusterismanagedbyfourways: •
.We canuseaguest-based b .
1. 'd manager, ywhi chtheclustermanagerresides
ms1eaguestOS.Ex..•A1·muxc1ustercanrundi.fferentguestoperati.ng
systemsontopoftheXenhypervisor.
2. Wecanbringoutahost-basedmanagerwhichitselfisaclustermanageron
thehostsystems.Ex.:VMwareHA(HighAvailability)systemthatcanrestart a
guestsystemafterfailure.
3. An independent clustermanager,which canbe usedonboththe host and the guest-
makingthe infrastructure complex.
4. Finally,we mightalso use an integratedcluster(manager),ontheguestand
hostoperating systems;here the managermust clearly distinguishbetween
physical and virtual resources.

DDVirtualizationinDisasterRecovery
• Dataisaprimeassetforallbusinessorganizationsanditneedstobeprotected
fromgettinglost,hacking,phishingandidentitytheft.Virtualizationistheprocess
ofproducingavirtualversionofasystem,softwareorevenaworking
environmentratherthanaphysicalcounterpart,asdefinedbythedefinition.
• Disaster Recovery (DR) relies upon the replication of data and computer
proce inginanoff-premiseslocationnotaffectedbythedisaster.Whenserver
godownbecauseofanaturaldisaster,equipmentfailureorcyberattack,a busines
needstorecoverlostdatafromasecondlocationwherethedatai
backedup.
• Withadisasterrecoveryplan,youcanorganizetheactionstotakeincaeofany
diaterorincident. Thiswillspeeduptheresponsetimeandminimizedowntim.
• Reducingdowntime:Virtualizationsoftwareallowsbusineetocreate irnage-
baedbackupsoftheirvirtualmachines.T_hismeansthatintheeventofa
diater,businessescanrestoretheirsystemsqmckly,ratherthanhourordays

®
UCAT/ONS -Rnuo-thn1stfnrk,..n,.,/pr/r,P
TECHNICALPUB
 CloudComputing 3-16 Virtua/izationInfrastructureandD
Ocker

neededtorebuildsystemsfrom cratch.Therefore,wecanreduceandev
eliminatedwntim.Justaccessthedatafromanotherdevicetokeepworking. en
• Createoff-sitebackups:Whenwecreatebusinessbackups,wemustconsicthavingatleat n
copyoffilesonanoff-sitebackup.Thiswillallowuser to
rapidlrerfilesifanythinghelpswithourlocalbus1hessdataandstor.
. . age
de i .Whenservercanhaveissues,butpoweroutages,firesandothernatural
diatercanalsoaffecttheplace.Virtualizationcanautomaticallysendbacku filetooff-
sitebackupdevice. p
• Recoverdatafromfaileddrives: IfharddrivediesorRAIDfails,data
irtualizationsystemcanhelpus. Sinceitiscloudstorage,virtualizationcankeep
copiesoffilesevenifstoragedevicesstopworking.
• Test disasterrecovery plans: Virtualization can create a testenvironment onthe
system for testingthe disasterrecovery plan wheneverrequired. Thisallows
businessestoensure thattheir disaster recovery planiseffective andcanbe executed
efficiently whenrequired.
• Duplicate data forremote access: With virtualization, businessescanduplicate
theirdata in real-time or at specific intervals toa remote site. This allowsremote
usersto accesstheir data, applicationsandsystems inthe event ofa disaster.

m IntroductiontoDocker
• Dockerisquicklychangingthewaythatorganizationsaredeployingsoftware at scale.
• Docker 1s a tool that promisesto easilyencapsulatethe process ofcreatinga
distributableartifactforanyapplication,deployingitatscaleintoany environment,and
streamlining the workflowand responsiveness of agilesoftware organizations.
• Benefits:
1. Packagingsoftwareinawaythatleveragestheskillsdevelopersalreadyhave.
2. Bundling applicationsoftwareandrequired OS file systems together in a single
standardizedimageformat.
3. Abstracting software applicationsfrom thehardware without sacrificing
resources.

IJiiProcessSimplification
• Dockercansimplifybothworkflowsandcommunicationandthatusuallystarts with the
deploymentstory.
• 'F'
1

--
- showsworkflowwithandwithoutdocker.

TECHNICALPUBLICATIONs®-anup-thrustforknowledge
CloudComputing
3-17 Virtual/zationInfrastructureandDocker

Developmentteam Operationsteam
R_e_q_u_e_s_t_re_s_o_ur_c_e_s_.Jt---+----.iResourcesprovisioned

Scriptthedeployment i---1----1.iTweakthedeployrnent

Tweakthedeployment 1------------------------------------------------ LoopNtimes

Discoveradependencyt---+------iInstalldependency

Applicationisdeployed

Fig.3.7.1Traditionaldeploymentworkflow(withoutdocker)

l. Applicationdevelopersreqµestresourcesfromoperationsengineers.
2. Resourcesareprovisionedndhandedovertodevelopers.
3. Developersscriptandtooltheirdeployment.
4. Operationsengineersanddeveloperstweakthedeploymentrepeatedly.
5. Additionalapplicationdependenciesarediscoveredbydevelopers.
6. Operationsengineersworktoinstalltheadditionalrequirements.
7. Gotostep5and6.
8. Theapplicationisdeployed.
o Fig.3.7.2showsDockerdeployment"':'orkflow.
Developmentteam Operations team
Buildimage

Shipimagetoregistry Provideconfigurationinformation

Deploy

Applicationisdeployed

Flg.3.7.2Dockerdeploymentworkflow

®
TECHNICALPl/BLICATIONS -anup-thrustforknowledge
 Virtua/izationInfrastructureand
3-18
CloudComputing
. d shipittotheregistry.
1. d h DOckerunagean
.
Developersbmlte . nf'guration details to the container
. provide co 1 at\q
2. Operations engineers
provisionresources.
3. Developerstriggerdeployment.

ff#jBroadSupportandAdoption
. . . ortedwiththemajorityofthelargepubliccloud
• Docker1sincreasinglywe AWSElasticBeanstalk,GoogeAppEngine
1 supp ' , . s.
Forexample,Docerrunson 181
1
k ' IYI
Cloud,MicrosoftAzure,etc.
• Google's Eric Brewer announced that Google wou!d be s.upportingDocker as its
primary internal container format. RatherthanJU t b_einggoodRfor·these
companies,whatthismeansfortheDockercommunityisthatthereisstartingto
bealotofmoneybackingthestabilityandsuccessoftheDockerplatform.
• When docker released their libswarm development libraryat docker-Con2014,an
engineerfromOrcharddemonstrateddeployingadockercontainertoa
heterogeneousmixofcloudprovidersatthesametime.
• TheDocker-clientrunsdirectlyonmostmajoroperatingsystems,butbecausethe
DockerserverusesLinuxcontainers,it·doesnotrunonnon-Linuxsystems.
• DockerhastraditionallybeendevelopedontheUbuntuLinux·distribution,but
todaymostLinuxdistributionsandothermajoroperatingsystemsarenow supportedwhere
possible.

fDIArchitecture
• ThefundamentalarchitectureofDockerisasimpleclient-servermodel,with
onlyoneexecutablethatactsasbothcomponents,dependingonhowyouinvoke
thedockercommand.
• Underneaththosesimpleexteriors,Dockerheavilyleverageskernelmechanisms
such as IPTABLES, virtual bridging, cgroups, namespaces and various filesystem
drivers.
• Fig.3.7.3showsdockerarchitecture.

-.,... .-- - N
r--
I
L. .
a ., . L. IenI
a. ,

II I
CV)
Ia.,I

□ .S L. IOJI
.s a..,

□,,
I El
C:
El
C:
0
.
s
: E
,' -
I

-
0
Client Ir 0
- 0 El
C:
0 _,
I I

Server
0
Docker host -
Fig.3.7.3Dockerarchitecture

TECHNICALPUBLICATIONs®-anup-thrustforknowledge
 dcomputin_g
------:..3_-19: -'!V:frt!ua!llz_atlo'n!In!fr!as!
tr_uctureandDocker

• It consists of twoparts:The •
c1i entand th
componentswhichstoresdocker. e server.Registryisonemore
. . . imagesandmetadataaboutthoseimages
. •
• DockerEngme1saclient-serverbased apph cat • hf •
.
1 Aserverwhichisa continu mnwit ollowmgcomponents-
. 1
TAPI . . ousyrunnings • 11
ervi ceca edadaemonprocess.
• A RES whichinterfacesthe
giveinstructitwhattodo. programstousetalkwiththedaemonand

• Acommandlineinterfaceclient.
• Dockerclientistheprimaryserv• • .
edocker. Whe iceusmgwhichdockeruserscommunicatewith
th n we use commands "docker run"the client sends these
commandstodockerd' whichexecute themout.
DockerseNer
onLinuxhostorVirtualmachine

Dockerregistry
onLinuxhost,VMorSaas

Docker clientonlocalworkstation

Fig.3.7.4Dataflow

• Thecommand used bydocker depend on docker AP.Indockerclient can interact

morethan one daemon process.
• The dockerimages are buildingthe block of docker or docker image is a read-only
templatewithinstructionstocreateadockercontainer.Dockerimagesarethe most
buildpart ofdocker life cycle.
• The server does the ongoing workof running and managing your containers, and
youusethe clientto tellthe server whatto do.
• The dockerdaemon can runon any number of servers in the infrastructure and a
single client can address any number of servers.
• Clients drive all ofthe communication, but docker servers can talk directlyto
imageregistries when told to do so by the client.
• Clientareresponsiblefordirectingserverswhattodoandserverfocun
hostingcontainerizedapplications.
• Dockerregistrykeepsdockerimages.Wecanrunourprivateregistry.
• When we run the dockerpull and dockerrun commands, therequiredimageare
pulledfromourconfiguredregistrydirectory.
 ®
TECHNICALPUBLICAT/ONS -anup-thrustforknowledge
 CloudComputing 3-20
VlrtuallzatlonInfrastructureand0

• Usingdockerpushcommand,theimagecan registr beuploadedtoourconfig, ,

directory. - .re0

fRIContainerandKubernetes
• Acontai•neri.mage1. saready-to-runsoftwarepackagethatincludeseverythi•nga
programneedstoexecute,·m e1 ud'mgthecodeand anyrun-timesitneeds
applicationandsystemlibrariesanddefaultvaluesforanyimportantsettings.'
• Containerorchestration is concerned with the management of container lifecycles
particularlyinlarge,dynamic environments. Container orchestration is used b;
softwareteams tocontroland automate a variety oftasks on containermanagement.
• Containerorchestrationworksinanycontextwherecontainersareemployed.It
canassistyouindeployingthesameprogramacrossseveralenvironments
withouthavingtorewriteit.
• Kubernetesisan open-source container management platform that unifies a cluster
ofmachinesintoasinglepoolofcomputeresources.Withkubernetes, you organizeyour
applications in groups of containers,whichitrunsusing the Docker
engine,takingcareofkeepingyourapplicationrunningasyourequest.
• Kubernetesis anopensourcecontainerorchestrationplatformthatautomates many.ofthe
manual processes involved in deploying, managing,and scaling
containerizedapplications.
• KubemeteswasoriginallydevelopedanddesignedbyengineersatGoogle.
• Theprimary responsibilityof kubernetes is container orchestration.Thatmeans
makingsurethatallthecontainersthatexecutevariousworkloadsarescheduled to
runphysicalorvirtualmachines.
• Thecontainersmustbepackedefficientlyfollowingtheconstraintsofthe
deploymentenvironmentandtheclusterconfiguration.Inaddition,kubemetes mustkeep an
eye on allrunning containers andreplace dead,unresponsiveor
otherwiseunhealthycontainers.
• Kubemetesusesdockertorunimagesandmanagecontainers.
• Kubernetes allows several containerstowork in harmony,reducing operational
burden. Interestingly, this includes docker containers. Kubernetes can be integrated
with:hedockerengineanduses"Kubelets"tocoordinatetheschedulingofdocker
contamers.

• Th dockere_nginerunsthecontainerimage,whichiscreatedbyrunningdocker
build.Thehigher-levelconcepts(Joad' balanci·ng,servicediscoveryand network
policies) are controlled by kubemetes. When combined, bo ht docker arid

TECHNICALPUBLICAT/ONs®-anup-thrustforknowledge
 ud com;_p_ut_in_g "--
_3_-2_1
kubernete candevelop ---- VirtuallzationInfrastructureandDocker
amodern 1
rernernberedth two t c oudarchi t
' em,attheir e cturr.Howver itshould be
• Fig.3.7.5 h''Sk u br n t . cor(', an,fundamentallyd'f,f
c,ar'httecture. I erent.

Node1

Containers Contamers
Controlplane
Userinterface
POD1 POD2

GUI l Dockerengine

cu Node2

Containers Containers
Kubectl
POD1 P0D2

Dockerengine

Kubelet

Fig.3.7.5Kubernetesarchitecture
• Kubelet: Thisfunctionrunsonnodes,readscontainermanifests,anda ure
definedcontainershavestartedandarerunning.
• Node Theseperformtheassignedtasks,withthekubemetesmatercontrollm
them.
• Master: Thiscontrols thekubemetesnodesandisthe ource f allta
assignments.
1
• Pod: Whenoneormorecontainersaredeployedtoonenode. ntamcrm
podwillsharea hostname,anIPaddress,IPCandotherresoure
• Replicationcontroller: Controlsthenumberof"idential" p 1s 1 .1 i th,t
shouldberunningindifferentlocationonth lustr.
• Service: Thiswilldecoupletheworkdfinitinsfnm the is••\rvict'rt'qu,,r:;
.,ofl
areautomaticallysenttoth rightpod,regardleci.

TECHNICALPUBLICAT!ONS
® -------------
anupthrustforknowladgf:I
CloudComputing VirtualizationInfrastructureana
3-22
. . t olforkubemetes.
• Kubectl:Theprimaryconfiguration
•°tententitiesw1thmtheKubernetes
..
• Kubernetesobjects:Thesearepersis systr-i,.
The ar usdtorpresntthesae tt thecluster.
-,,l

ID TwoMarksQuestionswithAnswers

Whatisstoragevirtualizationincloudcomputing?
Ans.:toragevirtualizationincloudcomputingisshringphysical st0rageinto
multipletoragedevicesthatappearasasinglevirtualdevice.
Whatisnetworkingvirtualization?
Ans. : etworkvirtualizationreferstothetechnology thatenablespartitioningor
aggregatingacollectionofnetworkresourcesandpresentingthemtovarioususers ina
waythateachuserexperiencesanisolatedanduniqueviewofthephysicalnetwork.
etworkvirtualizationcreatesvirtualnetworkswherebyeachapplicationseesitsown
logicalnetworkindependentofthephysicalnetwork.
Whatisvirtualdesktopinfrastructure?
Ans. :Virtual desktop infrastructure is a term thatrefersto usinga virtualized desktop
thatishostedon avirtualmachinethatlivesonaserver.
Whatarethethreekeycomponentsofvirtualdesktopinfrastructure?
Ans. :Three key components ofvirtualdesktopinfrastructure are host, connection broker
andend points.
Q.S Whatiscloudanalytics?

Ans. :Cloud analytics is a type of cloud service model where data analysis and related
servicesareperformedonapublicorprivatecloud.Cloudanalyticscanrefertoany dataanalytics
orbusinessintelligenceprocessthatis carriedoutincollaborationwitha cloud service provider.
Q.6 Whatisfilelevelstoragevirtualization?

Ans.:Filelevelstoragevirtualization providesstoragevolumestooperatingsy tems

andapplicationsintheformoffilesanddirectories.Accesstostorageithrough
networkprotocols,suchascommonInternetfilesystemandnetworkfiley tems,
storageresourcesand capacityis may be underutilizedbecausefilesare boundto a
spedficfileserver.Itisnecessarymovethefilefromoneservertoanothererver.

□□Cl